package com.example.demo.expression;

import com.example.demo.pojo.LoginUser;
import lombok.var;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;

/**
 * 自定义权限校验类
 */
@Component("myEx")
public class MyExpressionRoot {

    /**
     * 是否有该权限
     * @param authority
     * @return
     */
    public boolean hasAuthority(String authority){

        // 获权限对象
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

        // 获取用户
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();

        // 获取权限集合
        List<String> permissions = loginUser.getPermissions();

        // 判断是否有该权限
        return permissions.contains(authority);
    }
}
